package lib::In;

# This file is part of noplagia.
#
# noplagia is free software; you can redistribute it and/or modify it under the
# terms of the GNU General Public License as published by the Free Software
# Foundation; either version 2 of the License, or (at your option) any later
# version.
#
# noplagia is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
# A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with
# noplagia; if not, write to the Free Software Foundation, Inc., 59 Temple Place,
# Suite 330, Boston, MA  02111-1307 USA

use strict;
# use warnings;
use HTML::Template::Pro;
use lib::Context;
use CGI::Session;
use lib::Context;
use Data::Dumper; # FIXME :: remove.
require Exporter;
our ($VERSION,@ISA,@EXPORT);

$VERSION = 0.01;

=head1 NAME

lib::Auth - Authentification et chargement des templates.

=head1 SYNOPSIS

  use CGI;
  use lib::Auth;

  my $query = new CGI;

  # chargement du template
  my $template = get_template_and_user(
    {
        template   => "opac-main.tmpl",
        query      => $query,
        flags      => {admin => '1'},
	}
  );

  # ecriture du template
  output_html_with_http_headers ($query, $cookie, $template->output);

=head1 DESCRIPTION

    Ce module permet de charger un template en verifiant les droits dessus.
    Il permet aussi d'ecrire un template avec ces entetes et cookie

=head1 FUNCTIONS

=over 2

=cut

@ISA    = qw(Exporter);
@EXPORT = qw(
  &get_template_and_user
  &output_html_with_http_headers
  &session
);

=item get_template_and_user

 TODO description de la fonction get_template_and_user

=cut

sub get_template_and_user($) {
    my $in = shift;
    my $query = $in->{'query'};
    my $template_name = $in->{'template'};

    &set_conn_db; # Connection a la B D D

    # Session check

    if (!&session){
        my $template = _get_template('auth.tmpl');
        output_html_with_http_headers($query, $template->output);
    }

    # authentification check
    if(not get_pref('insecure')){
        if(not &_checkauth($in->{'flags'})){
            my $template = _get_template("auth.tmpl");
            $template->param(MSG_FLAGS_REQUIRED=>1);
            output_html_with_http_headers($query,$template->output);
        }
    }
    my $template = _get_template($template_name);

    # TODO Systems preferences management here ..!
    $template->param(login_footer => &get_current_user->pseudo);
    return $template;
}

# _checkauth($template_flags) retourne vrai ou faux.
# Verifie que l'utilisateur courant a le droit de demander cette page.
sub _checkauth($) {
    my $tmpl_flags = shift;
    my $user_flags = get_user_flags(&get_current_user()->id);
    foreach my $tmpl_flag (keys %$tmpl_flags){
        return 0 if not exists $user_flags->{$tmpl_flag};
    }
    return 1;
}

# _get_template("nom_du_template");
# fonction interne ouvrant le template vi H::T::Pro
sub _get_template {
    my $tmpl_adress = shift;
    my $htdocs = config("htdocs");
    my $theme  = get_pref("theme");
    my $lang   = get_pref("lang");
    my $css    = get_pref("style");

    my $template = HTML::Template::Pro->new (
        filename          => "$htdocs/$theme/$lang/$tmpl_adress",
        die_on_bad_params => 1,
        global_vars       => 1,
        case_sensitive    => 1,
        path              => ["$htdocs/$theme/$lang/inc"],
    );
    $template->param(
            stylesheet => $css,
            htdocs     => $htdocs,
            lang       => $lang,
            theme      => $theme,
    );
    return $template;
}

=item output_html_with_http_headers

   &output_html_with_http_headers($query, $html)

    Outputs the HTML page $html with the appropriate HTTP headers,
    with the authentication cookie $cookie and a Content-Type that
    corresponds to the HTML page $html.

=cut

sub output_html_with_http_headers ($$) {
    my($query, $html) = @_;
    print $query->header(
        -type    => "text/html",
        -charset => "utf-8",
    ),
    $html;
    exit(0);
}

=item session

    &session;
    Ecrit le cookie de session dans les entetes http

=cut

sub session {
    my $session = new CGI::Session();
    my $CGISESSION = $session->id();
    $ENV{'NOPLAGIA_SESSION'} = $session;
    print $session->header();
    return 1 if ($session->param('login'));
    return 0;
}

END { }
1;
__END__

=back

=head1 AUTEUR

    noplagia dev team

    http://noplagia.org

=cut
